From e1581c669f31e1a43155d2ac5fe0926568629eaf Mon Sep 17 00:00:00 2001
From: Pablo Barciela
Date: Sun, 17 Mar 2019 02:13:08 +0100
Subject: [Security] test-ditem: Use 'g_strlcat' instead of 'strcat'
Fixes Clang static analyzer warning: test-ditem.c:94:2: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 strcat (path, "/foo.desktop"); ^~~~~~
---
 libmate-desktop/test-ditem.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libmate-desktop/test-ditem.c b/libmate-desktop/test-ditem.c
index d5cac2d..8ab6d29 100644
--- a/libmate-desktop/test-ditem.c
+++ b/libmate-desktop/test-ditem.c
@@ -91,7 +91,7 @@ test_ditem (const char *file)
 "Neu gesetzt!");
 getcwd (path, 255 - strlen ("/foo.desktop"));
- strcat (path, "/foo.desktop");
+ g_strlcat (path, "/foo.desktop", sizeof (path));
 g_print ("Saving to foo.desktop\n");
 uri = g_filename_to_uri (path, NULL, NULL);
-- 
cgit v1.2.1
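Review bot: The `getcwd` call on the context line just above the change is still unchecked, so the bounded append protects only the concatenation: if `getcwd` fails (for instance because the working directory does not fit in the size passed), the contents of `path` are unspecified and `g_filename_to_uri (path, NULL, NULL)` reads them anyway. I would guard it with `if (getcwd (path, sizeof (path) - strlen ("/foo.desktop")) == NULL)` followed by an early exit that suits the function's return type, which also replaces the literal `255` with the same `sizeof (path)` bound the new `g_strlcat` call uses. `sizeof (path)` equals the buffer size only if `path` is declared as an array rather than a pointer; the declaration is outside the hunk, so that is worth confirming. The return value of `g_strlcat`, which reports truncation, is ignored as well, and test_ditem begins and ends outside the hunk.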